US7509496B2ExpiredUtilityA1

Device-type authentication in communication systems

78
Assignee: ERICSSON TELEFON AB L MPriority: Feb 28, 2003Filed: Feb 18, 2004Granted: Mar 24, 2009
Est. expiryFeb 28, 2023(expired)· nominal 20-yr term from priority
H04L 63/12H04L 63/08G06F 21/31G06F 2221/2129H04L 63/0876
78
PatentIndex Score
30
Cited by
19
References
15
Claims

Abstract

In a communication system ( 1 ), a header comprising information, preferably being related with a device-type associated commitment, is additionally provided with a signature for that information. The signature guarantees the authenticity of the header information. The signature is tamper-resistantly created in a first device ( 20 ), preferably based on at least tamper-resistant device-type specific information of the first device ( 20 ). The header information and the signature are communicated to a content provider ( 10 ), where the signature is verified before accepting the device-type associated commitment to be valid. Such signatures can preferably be used in systems using HTTP or SMTP.

Claims

exact text as granted — not AI-modified
1. Method for device-type authentication in a communication system, comprising the steps of:
 providing, in a first device connected to said communication system, first header information of a communication message; 
 said first header information being related with a device-type associated commitment; 
 said device-type associated commitment being a commitment for devices of a particular device-type regarding what capability the devices support; 
 tamper-resistantly creating a first signature in said first device based on at least tamper-resistant device-type specific information of said first device; 
 providing, in said first device, second header information of said communication message comprising said signature; 
 communicating said communication message to a second device connected to said communication system; and 
 authenticating said first header information by verifying said first signature after said communicating step, 
 wherein said step of authenticating in turn comprises: 
 determining, in said second device, a device-type of said first device based on said first header information; 
 creating a second signature in said second device based on at least tamper-resistant information associated with said determined device-type; and 
 accepting said determined device-type as authentic if said first and second signatures agree. 
 
     
     
       2. Method according to  claim 1 , wherein said communication system is based on a transfer protocol selected from the group: of HyperText Transfer Protocol and Simple Mail Transfer Protocol. 
     
     
       3. Method according to  claim 2 , wherein said device-type associated commitment is a commitment to follow Digital Rights Management compliance. 
     
     
       4. Method according to  claim 1 , wherein said first device is a user terminal. 
     
     
       5. Method according to  claim 1 , wherein said second device is a server. 
     
     
       6. Method according to  claim 1 , wherein said device-type specific information comprises a definition of an algorithm according to which said signature is to be created. 
     
     
       7. Method according to  claim 1 , wherein said device-type specific information comprises a data string being unique for each particular device type. 
     
     
       8. Method according to  claim 1 , wherein said step of creating a signature is additionally based on at least one item in the group of: time, date and header information. 
     
     
       9. Method for device-type authentication in a communication system, comprising the steps of:
 providing, in a first device connected to said communication system, first header information of a communication message; 
 said first header information being related with a device-type associated commitment; 
 said device-type associated commitment being a commitment for devices of a particular device-type regarding what capability the devices support; 
 tamper-resistantly creating a first signature in said first device based on at least tamper-resistant device-type specific information of said first device; 
 providing, in said first device, second header information of said communication message comprising said signature; 
 communicating said communication message to a second device connected to said communication system; and 
 authenticating said first header information by verifying said first signature after said communicating step, 
 wherein said step of authenticating in turn comprises: 
 forwarding information about said first header information and said first signature from said second device to a third device connected to said communication system; 
 requesting a verification of the authenticity of said first header information by said third device; and 
 accepting said first header information as authentic if said third device provides a positive verification. 
 
     
     
       10. Method according to  claim 9 , wherein said third device is associated with a manufacturer of said first device. 
     
     
       11. Communication device connectable to a communication system, comprising:
 a communication interface for receiving a communication message from a sending device connected to said communication system; 
 said communication message comprising first header information being related with a device-type associated commitment; 
 said device-type associated commitment being a commitment for devices of a particular device-type regarding what capability the devices support; 
 said communication message further comprising second header information in turn comprising a first signature; and 
 authenticating circuitry arranged to verify said first signature, 
 wherein said authenticating circuitry comprises: 
 circuitry arranged to determine a device-type of said sending device based on said first header information; 
 storage for storing device-type specific information of communication devices; 
 a signature generator arranged to retrieve device-type specific information corresponding to said determined device-type; 
 said signature generator being further arranged to create a second signature based on said retrieved device-type specific information; and 
 circuitry arranged to accept said determined device-type as authentic if said first and second signatures agree. 
 
     
     
       12. Communication device according to  claim 11 , wherein said communication interface is arranged to support a transfer protocol selected from the group: of HyperText Transfer Protocol and Simple Mail Transfer Protocol. 
     
     
       13. Communication device according to  claim 12 , further comprising Digital Rights Management means, whereby said device-type associated commitment is a commitment to follow Digital Rights Management compliance. 
     
     
       14. Communication device according to  claim 11 , wherein said communication device is a server. 
     
     
       15. Communication device connectable to a communication system, comprising:
 a communication interface for receiving a communication message from a sending device connected to said communication system; 
 said communication message comprising first header information being related with a device-type associated commitment; 
 said device-type associated commitment being a commitment for devices of a particular device-type regarding what capability the devices support; 
 said communication message further comprising second header information in turn comprising a first signature; and 
 authenticating circuitry arranged to verify said first signature, 
 wherein said authenticating circuitry is arranged to: 
 forward information about said first header information and said first signature to a further device connected to said communication system; 
 request a verification of the authenticity of said first header information by said further device; and 
 accept said first header information as authentic if said further device provides a positive verification.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.